Can't connect to https anymore using DuckDNS Plugin

Configuration
1

I recently noticed some issues connecting to hassio using my browser and the official app.
I used to connect to hassio using the duckdns plugin with https enabled but I soon realized that I couldn’t connect to https anymore. Chrome was suggesting to connect to http instead. Using an incognito window I could finally connect to http.

While debugging the issue I noticed the following things:

  • the DuckDNS plugin logs show a series of “INFO: KO” only
  • when connected to http, I can’t load most tabs besides the Dashboard (this is quite inconsistent, sometimes I can… weird!). When that happens I see an alert saying Unable to load the panel source: /api/hassio/app/entrypoint.js. and the console logs: Uncaught (in promise) DOMException, Failed to load resource: net::ERR_CERT_DATE_INVALID

Home Assistant version: 0.97.2
DuckDNS version 1.9

I restarted the raspberry a few times, restarted Chrome, cleared the data and tried incognito.

2

uninstall and reinstall the ddns plugin, copy your configuration properly. Verify that you have the correct ports open in your router too.

3

I uninstalled and reinstalled the plugin. Still not working but at least I can see more logs:

# INFO: Using main config file /data/workdir/config
+ Generating account key...
+ Registering account key with ACME server...
+ Fetching account ID...
+ Done!
[20:29:06] INFO: KO
# INFO: Using main config file /data/workdir/config
 + Creating chain cache directory /data/workdir/chains
Processing subdomain.duckdns.org with alternative names: *.subdomain.duckdns.org
 + Creating new directory /data/letsencrypt/subdomain.duckdns.org ...
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 2 authorizations URLs from the CA
 + Handling authorization for subdomain.duckdns.org
 + Handling authorization for subdomain.duckdns.org
 + 2 pending challenge(s)
 + Deploying challenge tokens...
OKOK + Responding to challenge for subdomain.duckdns.org authorization...
 + Cleaning challenge tokens...
OKOK + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "dns-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Incorrect TXT record \"xxx\" found at _acme-challenge.subdomain.duckdns.org",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/xxx/000",
  "token": "xxx"
})
[20:35:41] INFO: KO

I also tried removing the privkey.pem and fullchain.pem

Any idea on how to fix the letsencrypt error?

4

KO means DuckDNS cannot or has not updated your duckdns domain with your current IP address

2 Likes